//-----------------------------------------------------------------------------
//クラス名：LoginServlet.java
//所    属：H3A1 04
//名    前：大瀬碩
//説    明：IDとPWを参照してログインする
//-----------------------------------------------------------------------------
package login;


import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Properties;

import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

//@WebServlet("/LoginServlet")
public class LoginServlet extends HttpServlet {
	
	String sn = null;
    int ci = 0;
    int an = 0;
    int ca = 0;
    int cu = 0;
    int sc = 0;
    int cli = 0;
    int ch = 0;
	private static final long serialVersionUID = 1L;
	
	protected Connection conn = null;
	
	//DB接続
	public void init() throws ServletException{
		try {
		ServletContext context = this.getServletContext();
		String path = context.getRealPath("/WEB-INF/connect.properties");
		
		InputStream in;
		
		in = new FileInputStream(path);
		Properties properties = new Properties();
		properties.load(in);
		in.close();

	    String url = properties.getProperty("key1");
	    String user = properties.getProperty("key2");
	    String password = properties.getProperty("key3");

	    
	      Class.forName("com.mysql.jdbc.Driver").newInstance();
	      conn = DriverManager.getConnection(url, user, password);
	    }catch (ClassNotFoundException e){
	      log("ClassNotFoundException:" + e.getMessage());
	    }catch (SQLException e){
	      log("SQLException:" + e.getMessage());
	    }catch (Exception e){
	      log("Exception:" + e.getMessage());
	    }
	}
	public void destory(){
	    try{
	      if (conn != null){
	        conn.close();
	      }
	    }catch (SQLException e){
	      log("SQLException:" + e.getMessage());
	    }
	}

	protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
		response.setContentType("text/html; charset=UTF-8");
		HttpSession session = request.getSession(true);
		
		//入力されたIDとPW取得
	    String user = request.getParameter("id");
	    String pass = request.getParameter("pw");
	    
	    //IDとPWをチェック
	    boolean check = authUser(user, pass);
	    
	    //入力されたIDとPWが正しければ各種情報をセッションに格納
	    if (check){
	      
	      session.setAttribute("login", "OK");
	      
	      session.setAttribute("id",user);
	      session.setAttribute("name",sn);
	      session.setAttribute("class",ci);
	      session.setAttribute("a_number",an);
	      session.setAttribute("club",cu);
	      session.setAttribute("captain",ca);
	      session.setAttribute("s_captain",sc);
	      
	      //キャプテン、副キャプテンの場合クラブ情報編集できるようにする
    	  if(ca==1 || sc==1){
    		  session.setAttribute("club_edit","OK");
    	  }
    	  
    	  //ログインした状態でトップページへ
	      response.sendRedirect("index.jsp");
	    }else{
	    	//IDとPWが正しくない場合はログインページへ戻す
	    	session.setAttribute("status", "Not Auth");
	    	response.sendRedirect("Login.jsp");
	    }
	  }
	
	protected boolean authUser(String user, String pass){
	    if (user == null || user.length() == 0 ||  pass == null || pass.length() == 0){
	      return false;
	    }
	    //入力されたIDとPWでデータ取得
	    try {
	      String sql = "SELECT * FROM student WHERE student_id = ? && student_pw = ?";
	      PreparedStatement pstmt = conn.prepareStatement(sql);

	      pstmt.setString(1, user);
	      pstmt.setString(2, pass);
	      ResultSet rs = pstmt.executeQuery();
	      
	      if (rs.next()){
	    	  sn = rs.getString("student_name");
	    	  ci = rs.getInt("Class_id");
	    	  cli = rs.getInt("club_id");
	    	  an = rs.getInt("attendance_number");
	    	  cu = rs.getInt("club_id");
	    	  ca = rs.getInt("captain_flag");
	    	  sc = rs.getInt("sub_captain_flag");
	        return true;
	      }else{
	        return false;
	      }
	    }catch (SQLException e){
	      log("SQLException:" + e.getMessage());
	      return false;
	    }
	  }
}